A recent report indicated that approximately 20 Israeli cryptocurrency executives were extorted after a hack and identity theft in a coordinated cyberattack at the start of September.
The country’s intelligence agency Mossad and the internal security service Shin Bet were involved with the investigation.
20 Israeli Crypto Execs Hacked
According to the report, the coordinated attack took place at the beginning of September. The hackers’ group name remains undisclosed, but people familiar with the matter have named it a “sophisticated team” that may have even been state-sponsored.
Tzahi Ganot, co-founder of a security firm Pandora, explained how the entire operation went down. All victims were clients of an Israeli telecommunications giant Partner, and the unknown hacker’s group used their own SMS verification processes to obtain personal data.
Ganot commented that “stealing a user’s SMS messages is not simple and isn’t supposed to be accessible to private individuals.” Although it can be done if the hacker is physically close to the target, it’s “hard to believe there’s a person wandering around Tel Aviv and getting close to so many people without being caught by Shin Bet.”
Initially, a client approached Ganot and his company on September 7th with the issue and a ransom request in the form of cryptocurrencies. He said that on the next morning, he was “flooded with messages from people with similar complaints of being hacked.”
“Altogether, there were about 20 victims, all CEOs and vice CEOs who run digital currency projects. In many of the cases, their Telegram apps had been hacked, but in others, it was their Gmail and Yahoo mail accounts.”
Mossad And Shin Bet Involvement
Some of the victims filed police complaints but received only brief and unclear responses. However, Ganot asserted that the rapidly growing number of similar cases reached Mossad and Shin Bet shortly.
Although he hasn’t revealed any further details regarding the involvement and actions taken by the two agencies, he noted that the hack “overall failed.” As far as Ganot knew, none of the victims transferred any cryptocurrencies as ransom. However, the hackers’ identity still remains unknown.
He outlined Partner’s lack of collaboration on the matter and said that the telecommunications company lost all of the victims as clients. Furthermore, he suggested that other similar firms may have had more robust firewall protection, which Partnered missed.